Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum
Apps | Demo | Docs | Install

STUN/TURN server debugging

Scheduled Pinned Locked Moved Discuss
stunturnwebrtc
3 Posts 3 Posters 654 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • luckowL Online
    luckowL Online
    luckow translator
    wrote on last edited by girish
    #1

    On Tuesday I had some trouble with customers who were unable to join a BigBlueButton conference due to a limited government network.
    The typical solution for this type of network is a STUN/TURN server constellation, which can be used by these clients to join the meeting via the TURN server.

    I had no clue how to try out to be part of that kind of limited network / to simulate it and why the STUN/TURN server does not work for them.

    I found only two interesting links for testing. Maybe they are helpful for your own debugging too.

    • https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/
    • https://test.webrtc.org/

    Additionally there is a setting in firefox:

    about:config
media.peerconnection.ice.relay_only set to true

    ice-errors_simulation-in-firefox.png

    At the end, the easiest solution is really simple.
    The typical government network firewall looks like:

    iptables -P OUTPUT DROP
iptables -A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT
iptables -A OUTPUT -p tcp -m tcp --dport 53 -j ACCEPT
iptables -A OUTPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A OUTPUT -p upd -m upp --dport 53 -j ACCEPT

    Only port 80/443/53 are allowed. Rest is blocked

    For this reason WebRTC BigBlueButton meetings without TURN server do not work for them. If you have little snitch on your mac, you can easily simulate this kind of network.

    Pronouns: he/him | Primary language: German

    1 Reply Last reply
    3
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    wrote on last edited by
    #2

    Maybe this helps @robi debug some of the webrtc issues.

    robiR 1 Reply Last reply
    1
  • robiR Offline
    robiR Offline
    robi
    replied to girish on last edited by
    #3

    @girish We're already done.. had to have udp ports open in the 50,000 range and TURN/STUN ports.

    Thanks for thinking of me though 😛

    Life of sky tech

    1 Reply Last reply
    0

  • Login
  • Don't have an account? Register
  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login
  • Don't have an account? Register
  • Login or register to search.